Channels ▼
RSS

Security

Other Voices: Compliance 2010


John H. Capobianco is president and CEO of Lumigent Technologies. Contact John at john.capobianco@lumigent.com..


Looking into my crystal ball for 2010, it looks like more companies will be making the most of a difficult regulatory situation. Let's face it, there's no escaping the regulatory reform being driven by the current state of the economy, the increase in governmental legislation, and the continuing ripple effects of the financial crisis that shook the world in 2008 and 2009.

Regulated companies will face increased scrutiny, demands for transparency, and regulatory pressures that are destined to drive up the cost of compliance for every company, regardless of stature. And given the accuracy of my crystal ball -- it did forecast the Yankees win over the Phillies, much to my chagrin -- compliance costs will go up relative to the growth of business and actually grow faster than the acceleration of business into the next decade, through 2020.

That's not good news, but this is: There has been some decline in the costs of regulatory reporting because of the maturity of the compliance reporting environments. At least that's what the Securities and Exchange Commission found in its September 2009 report, Study of the Sarbanes-Oxley Act of 2002 Section 404 Internal Control over Financial Reporting Requirements.

The SEC report basically assesses the efficacy of reforms introduced in 2007 designed to reduce the costs of complying with Section 404, which were "generally viewed as being unexpectedly high." The assessment itself is based on a survey of financial executives of companies with Section 404 experience, and according to these executives, companies are seeing more cost-effective internal controls evaluations and audits. In particular, they are seeing reductions in internal labor costs, external audit fees, consultant costs and non-labor or software costs.

Of course, everybody now wants to know, will those costs be replaced by other reporting costs? I don't think so. The change in activities for companies subject to Section 404 is generating additional, favorable results for corporations, not due to costs, but due to a reduction in the number of risks and controls that are subject to testing. Standardization is driving down costs associated with testing risk and controls. We have seen some reduction in deficiencies and material weaknesses for companies. And a lot of companies are internalizing Section 404 reporting rather than relying on external sources, partly because those sources are quite expensive.

In addition to cost reductions, the SEC study reveals some of the most widely reported benefits of compliance including improvements in:

  • The quality of the respondent company's internal control structure
  • The audit committee's confidence in the company's internal control over financial reporting
  • The quality of the company's financial reporting
  • The company's ability to prevent and detect fraud
  • The respondent's confidence in the financial reports of other companies complying with Section 404

Other reported benefits include improvements in the company's ability to raise capital, investor confidence in the company's financial reports, the company's overall firm value, and the liquidity of the company's common stock.

The SEC report findings align nicely with the mission I've been on to automate compliance reporting. Companies can lower their costs and improve confidence in their financial projections. In turn, they have fewer material weaknesses, fewer audit issues. They have an easier time raising money and establishing confidence in the investor markets and the stock markets.

Yes, the 2007 SOX reforms are helping companies to cut their Section 404 costs and realize additional benefits. Automating compliance reporting with software that continuously monitors application-specific data and controls continuous monitoring technology, amplifies those benefits across the board.

For a lot of companies, 2010 is the year to start turning regulatory lemons into compliance lemonade. The SEC has already done its part by providing the SOX regs. Same with the Defense Contract Audit Agency and other regulating bodies. Now, it's time to add the sugar -- automation.

Automation is key to driving down audit and compliance reporting costs and getting a better handle on your requirements. Why wait for the SEC or some other organization to reign in the costs associated with adhering to its rules and regulations? Automation puts your company's financial destiny in your hands. And automating can help any company reach its objectives for 2010 if they include cost savings as well as improved internal controls, governance, and the other benefits reported above.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video